Senior Cyber Test Engineer

(COMOPTEVFOR)


207 Business Park Dr., Ste. 100

VA Beach, VA 23462

​​​​​​​Employee Type: Full-Time
Location:  Virginia Beach, VA
Job Type: Senior Cyber Test Engineer
Experience: 5+ Years​

Clearance Type: TS (SCI Eligible) 



​​AERMOR is seeking qualified candidates with Cyber Test Engineer experience that will be able to work closely with other members of a test team.


Responsibilities Include:

  • ​Observes and assesses fleet and combatant cyber exercises.
  • Develop, maintain and assist in the execution of test plans.
  • Conduct Cybersecurity architecture (SUT or SoS) review and document review.
  • Participate in cross-functional team meetings, scoping, decision making and technical discussion.
  • Interface with developers to obtain and clarify documentation.
  • Review system diagrams, cybersecurity architecture, and other documentation, analyze testability of requirements and identify the attack surface and attack vectors.
  • Apply analytical and problem solving skills to determine appropriate testing scenarios in alignment with mission as well as functional and technical specifications.
  • Communicate with key stakeholders to ensure their requirements are met.
  • Work closely with Program Office and development teams to stay current on system functionality.
  • Review hardware and software capabilities and vulnerabilities as required to support testing.
  • Conduct Cybersecurity test planning site surveys.
  • Develop cybersecurity test designs to support Operational Test Directors.
  • Identify representative exploitations to fully test the cybersecurity of any system under test.
  • Coordinate with other program elements while conducting security testing.


Required Skills and Experience:

  • Experience decomposing system diagrams, cybersecurity architecture, and other documentation to determine the potential attack surface and attack vectors.
  • Experience with various aspects of software and hardware testing.
  • Demonstrate ability to organize, prioritize and self-manage multiple project tasks.
  • Experience with providing test estimation to execution teams.
  • Proficiency with computer hardware and software systems.
  • Extensive knowledge of Microsoft and Linux operating systems and embedded and Real-Time Operating Systems.
  • Strong experience translating requirements and capabilities into operational test plans.
  • Ability to articulate open issues and risks in a timely manner to management and make recommendations.
  • Must be a self-starter with the ability to pick up and learn new systems and architectures with little supervision, as well as adapt to a variety of situations and tasks.
  • Excellent written and verbal communication skills in order to write well-articulated test plans and facilitate product demonstrations.
  • Knowledge and experience with Virtual Machines.
  • Knowledge and understanding of system BIOS settings.
  • Identify insider and nearsider threat opportunities and mitigations as well as physical security controls.
  • Familiarity with computer security measures.
  • Experience with test automation.
  • Experience with Defense Information Systems Agency (DISA) Security Implementation Guides (STIGs) and security controls.
  • Knowledge of Cyber test tools (e.g. Retina, SCAP, ACAS, Nessus, Metasploit, Burp, Nessus, Kali Linux Tool Suite, Core Impact, Burp Suite, IDA Pro, OllyDbg/WinDbg, Nmap, John the Ripper, Cain, Nikto, and packet analysis tools (Wireshark/TCPDump)).
  • Familiar with the Risk Management Framework.
  • Knowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
  • Knowledge of data at rest and data in motion principles.
  • Knowledge of network defense systems including but not limited to network and host-based IDS, IPS, firewall, web application firewall, proxy and SIEM systems.
  • Understanding of SCADA systems and protocols.
  • Knowledge of current security tools and industry best practices: tools, techniques, procedures, tactics, attacks and forensics.
  • Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in document review and test planning.
  • Understanding of storage and databases, including relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
  • Experience with system administration, networking, Computer Network Attack (CNA), Computer Network Exploitation (CNE), Computer Network Defense (CND), and/or penetration testing.
  • Knowledge of scripting and its uses in Cyber testing.
  • Understand fundamentals of how to exploit vulnerabilities in tested systems including (but not limited to): system misconfigurations, zero-day vulnerabilities, Denial of Service (DoS) or Distributed Denial of Service (DDoS) vulnerabilities, privilege escalation, unsupported or unpatched software, and phishing attacks.
  • Knowledge of DoD/Navy networks and communications.
  • Experience with TCP/IP, VLANs, Cyber vulnerability remediation, and Cyber risk analysis.
  • Familiarity with the DISA Enterprise Mission Assurance Support Service (eMASS) application as used to develop, manage and track IA artifacts.
  • Familiarity with Information Assurance Vulnerability Management (IAVM) Plan.
  • Familiarity with Navy Submarine Systems and Missions.
  • Maintain awareness of full testing goals and efforts to assure opportunities for shared events and resources are properly managed and utilized.


Education Requirements

  • 4 Year Degree in one of the following: Computer Science, Computer/Electrical engineering, Systems Engineering (technical), Aeronautical engineering OR
  • ​Minimum 2 years of DoD cybersecurity experience AND Minimum 2 years’ experience in one of the following: Network engineering, Programming (C/C++, python, Bash, etc.), Systems test engineering, Project management, Penetration testing
  • ​DoDD 8570 IAM/IAT II certification or ability to obtain



Apply Now



For more information contact: careers@aermor.com